CVE-2022-41406

An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt